Total
29804 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-2152 | 1 Phpbb Group | 1 Phpbb Advanced Guestbook | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in admin/addentry.php in phpBB Advanced Guestbook 2.4.0 and earlier, when register_globals is enabled, allows remote attackers to include arbitrary files via the phpbb_root_path parameter. | |||||
| CVE-2006-4645 | 1 Akarru | 1 Social Bookmarking Engine | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in akarru.gui/main_content.php in Akarru Social BookMarking Engine 0.4.3.34 and earlier, and possibly 0.4.4.120, allows remote attackers to execute arbitrary PHP code via a URL in the bm_content parameter. | |||||
| CVE-2003-0239 | 1 Mirabilis | 1 Icq | 2025-04-03 | 5.0 MEDIUM | N/A |
| icqateimg32.dll parsing/rendering library in Mirabilis ICQ Pro 2003a allows remote attackers to cause a denial of service via malformed GIF89a headers that do not contain a GCT (Global Color Table) or an LCT (Local Color Table) after an Image Descriptor. | |||||
| CVE-2000-0050 | 1 Allaire | 1 Spectra | 2025-04-03 | 4.6 MEDIUM | N/A |
| The Allaire Spectra Webtop allows authenticated users to access other Webtop sections by specifying explicit URLs. | |||||
| CVE-2005-4770 | 1 Accelerated Enterprise Solutions | 1 Accelerated E Solutions | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in an unspecified Accelerated Enterprise Solutions product, possibly Accelerated E Solutions, allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2004-1117 | 1 Gentoo | 1 Linux | 2025-04-03 | 7.2 HIGH | N/A |
| The init scripts in ChessBrain 20407 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs. | |||||
| CVE-1999-1304 | 1 Sco | 5 Open Desktop, Open Desktop Lite, Openserver Enterprise System and 2 more | 2025-04-03 | 7.2 HIGH | N/A |
| Vulnerability in login in SCO UNIX 4.2 and earlier allows local users to gain root access. | |||||
| CVE-2005-2073 | 1 Ibm | 1 Db2 | 2025-04-03 | 2.1 LOW | N/A |
| Unknown vulnerability in IBM DB2 8.1.4 through 8.1.9 and 8.2.0 through 8.2.2 allows local users with SELECT privileges to conduct unauthorized activities and insert, update or delete table contents. | |||||
| CVE-2001-0142 | 5 Immunix, Mandrakesoft, National Science Foundation and 2 more | 5 Immunix, Mandrake Linux, Squid Web Proxy and 2 more | 2025-04-03 | 1.2 LOW | N/A |
| squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations. | |||||
| CVE-2002-1440 | 1 Gateway | 1 Gs-400 | 2025-04-03 | 10.0 HIGH | N/A |
| The Gateway GS-400 server has a default root password of "0001n" that can not be changed via the administrative interface, which can allow attackers to gain root privileges. | |||||
| CVE-2002-1722 | 1 Logitech | 3 Cordless Freedom Itouch Keyboard, Cordless Itouch Keyboard, Itouch Keyboard | 2025-04-03 | 4.6 MEDIUM | N/A |
| Logitech iTouch keyboards allows attackers with physical access to the system to bypass the screen locking function and execute user-defined commands that have been assigned to a button. | |||||
| CVE-2005-3284 | 1 Ahnlab | 3 Myv3, V3net, V3pro 2004 | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple buffer overflows in AhnLab V3 AntiVirus V3Pro 2004 before 6.0.0.488, V3Net for Windows Server 6.0 before 6.0.0.488, and MyV3, with compressed file scanning enabled, allow remote attackers to execute arbitrary code via crafted (1) ALZ, (2) UUE, or (3) XXE archives. | |||||
| CVE-1999-0982 | 1 Sun | 2 Solaris, Web-based Enterprise Management | 2025-04-03 | 7.2 HIGH | N/A |
| The Sun Web-Based Enterprise Management (WBEM) installation script stores a password in plaintext in a world readable file. | |||||
| CVE-2000-0929 | 1 Microsoft | 1 Windows Media Player | 2025-04-03 | 5.0 MEDIUM | N/A |
| Microsoft Windows Media Player 7 allows attackers to cause a denial of service in RTF-enabled email clients via an embedded OCX control that is not closed properly, aka the "OCX Attachment" vulnerability. | |||||
| CVE-2006-3676 | 1 Planet Concept | 1 Planetgallery | 2025-04-03 | 5.1 MEDIUM | N/A |
| admin/gallery_admin.php in planetGallery before 14.07.2006 allows remote attackers to execute arbitrary PHP code by uploading files with a double extension and directly accessing the file in the images directory, which bypasses a regular expression check for safe file types. | |||||
| CVE-2004-1637 | 1 Hawking Technology | 1 Har11a Dsl Router | 2025-04-03 | 7.5 HIGH | N/A |
| The Hawking Technologies HAR11A modem/router allows remote attackers to obtain sensitive information by connecting to port 254, which displays a management interface and information on established connections. | |||||
| CVE-2004-2253 | 1 Netwin | 1 Surgeldap | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in user.cgi in SurgeLDAP 1.0g and earlier allows remote attackers to read arbitrary files via a .. in the page parameter of the show command. | |||||
| CVE-2005-0357 | 2 Emc, Sun | 3 Legato Networker, Solstice Backup, Storedge Enterprise Backup Software | 2025-04-03 | 7.5 HIGH | N/A |
| EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 rely on AUTH_UNIX authentication, which relies on user ID for authentication and allows remote attackers to bypass authentication and gain privileges by spoofing a username or UID. | |||||
| CVE-2006-4087 | 1 Mojoscripts | 1 Mojogallery | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in admin.cgi in mojoscripts.com mojoGallery allows remote attackers to inject arbitrary web script or HTML via the username parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | |||||
| CVE-2001-0346 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | 5.0 MEDIUM | N/A |
| Handle leak in Microsoft Windows 2000 telnet service allows attackers to cause a denial of service by starting a large number of sessions and terminating them. | |||||